<?php $start = microtime(TRUE); ?>
<?php include "adminfunctions.php"; ?>
<html>
<head>
<title><?php title($title); ?> :Submit a Quote</title>
<?php css($css); ?>
</head>

<body>
<?php qheader(); ?>
<center>
Admin: <?php adminlinks(); ?>
<div id="body">
<?php
include "adminfunctions.php";

// We were sent here by the form in admin/modquotes.php

$quotenum = $_POST['modbutton'];
// explode by _

$decarr = explode("_",$quotenum);
$quotestatus = $decarr[0];
$quotesqlnum = $decarr[1];
addslashes($quotestatus);
addslashes($quotesqlnum);

startsql();
if($quotestatus == "approve"){
$result = mysql_query("SELECT * FROM queue WHERE id='$quotesqlnum'") or die(mysql_error());
 $apprquote = mysql_fetch_array( $result );
 echo $apprquote['quote']." is at ".$apprquote['id'];
 $approvedquote = $apprquote['quote'];
 $approvedcomment = $apprquote['comments'];
mysql_query("INSERT INTO quotes (ID, quote, comment, rating) VALUES(NULL, '$approvedquote', '$approvedcomment', '0')") or die(mysql_error());
mysql_query("DELETE FROM queue WHERE id='$quotesqlnum'") or die(mysql_error());

echo $approvedcomment;

//echo '<meta http-equiv="refresh" content="0;url=./modquotes.php">';
} else if($quotestatus == "disapprove"){
mysql_query("DELETE FROM queue WHERE id='$quotesqlnum'") or die(mysql_error());
echo "Redirecting you to Quote Moderation";
echo '<meta http-equiv="refresh" content="0;url=./modquotes.php">';
}

//endsql();

</div></body>


</div>

<br><br><font size="2">
<?php footer(); ?>
<?php
$finish = microtime(TRUE);
$total_time = round(($finish - $start), 4);
echo '<br>Page generated in '.$total_time.' seconds.'."\n";
?>
</font>
</center>
</html>
